Vulnerabilities > Apple > MAC OS X > 10.3.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-08-16 | CVE-2015-3783 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | 7.5 |
2015-08-16 | CVE-2015-3782 | Information Exposure vulnerability in Apple Iphone OS and mac OS X CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app. | 4.3 |
2015-08-16 | CVE-2015-3781 | Cross-site Scripting vulnerability in Apple mac OS X Cross-site scripting (XSS) vulnerability in Quick Look in Apple OS X before 10.10.5 allows remote attackers to inject arbitrary web script or HTML via a previously visited web site that is rendered during a Quick Look search. | 4.3 |
2015-08-16 | CVE-2015-3780 | Information Exposure vulnerability in Apple mac OS X The Bluetooth subsystem in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app. | 4.3 |
2015-08-16 | CVE-2015-3778 | Information Exposure vulnerability in Apple Iphone OS and mac OS X bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic. | 3.3 |
2015-08-16 | CVE-2015-3777 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages. | 7.2 |
2015-08-16 | CVE-2015-3776 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist. | 9.3 |
2015-08-16 | CVE-2015-3775 | Improper Authentication vulnerability in Apple mac OS X Apple OS X before 10.10.5 does not properly implement authentication, which allows local users to obtain admin privileges via unspecified vectors. | 7.2 |
2015-08-16 | CVE-2015-3774 | Improper Input Validation vulnerability in Apple mac OS X The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream. | 4.8 |
2015-08-16 | CVE-2015-3773 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X The SMB client in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | 7.5 |